Four-Project Series
Authentication, Authorization, and Audit Management for APIs you own this product
- prerequisites
- basics of Java 11 • basics of Spring MVC • basics of JDBC or Spring Data • basic debugging • Postman for API Testing
- skills learned
- HTTP authentication with username and password • implementing session management • access control testing • logging requests for auditing purposes
pro $24.99 per month
- access to all Manning books, MEAPs, liveVideos, liveProjects, and audiobooks!
- choose one free eBook per month to keep
- exclusive 50% discount on all purchases
lite $19.99 per month
- access to all Manning books, including MEAPs!
team
5, 10 or 20 seats+ for your team - learn more
In this series of liveProjects, you’ll set up authentication, authorization, and audit management capabilities for a REST API used by an HR employee leave management application. This application has both web and mobile versions, and handles sensitive employee data. It’s essential that the API is safe and secure. Each liveProject in this series covers a different part of the process, so you can choose the right experience for your needs.
These projects are designed for learning purposes and are not complete, production-ready applications or solutions.
here's what's included
Project 1 HTTP Authentication
In this liveProject, you’ll implement username-based HTTP authentication for your API in order to securely store passwords in your database. You’ll develop user signup functionality to ensure only registered users can leverage the REST API, build a user login for authenticating users as they access your REST API, and test its functionality using Postman.
This liveProject was implemented by Natan Streppel.
This liveProject was implemented by Natan Streppel.
Project 2 Session Management
In this liveProject, you’ll add secure session management to the API for granting employee leave. You’ll implement an authenticated leave retrieval call, a user logout flow, and a password update flow for users whose credentials are forgotten or compromised. These are essential building blocks for creating a secure API.
This liveProject was implemented by Natan Streppel.
This liveProject was implemented by Natan Streppel.
Project 3 Authorization
In this liveProject, you’ll implement HTTP authentication so that leave requests can be authorized based on user role. You will set up three Role Based Access Control (RBAC) functionalities for the REST API. The first RBAC will allow a reportee user account to access its own leave requests while keeping other data secure. The second RBAC will allow managers to see all the leave requests of employees they are responsible for. Finally, you’ll establish an RBAC for approving leave requests.
This liveProject was implemented by Natan Streppel.
This liveProject was implemented by Natan Streppel.
Project 4 Audit Logging
In this liveProject, you’ll learn how to log all the requests to your API for the purpose of audit and transparency. You’ll start by implementing logging for all user login attempts, and persist the audit events to the database for future reference. You’ll then set up logging for authorization requests, making sure that you replace passwords and usernames with uniquely identifiable yet anonymized user identifiers.
This liveProject was implemented by Natan Streppel.
This liveProject was implemented by Natan Streppel.
book resources
When you start each of the projects in this series, you'll get full access to the following book for 90 days.
choose your plan
pro
monthly
annual
$24.99
$249.99
only $20.83 per month
- access to all Manning books, MEAPs, liveVideos, liveProjects, and audiobooks!
- choose another free product every time you renew
- choose twelve free products per year
- exclusive 50% discount on all purchases
-
![]()
Authentication, Authorization, and Audit Management for APIs project for free
Authentication, Authorization, and Audit Management for APIs project for free
team
monthly
annual
$49.99
$499.99
only $41.67 per month
- five seats for your team
- access to all Manning books, MEAPs, liveVideos, liveProjects, and audiobooks!
- choose another free product every time you renew
- choose twelve free products per year
- exclusive 50% discount on all purchases
-
![]()
Authentication, Authorization, and Audit Management for APIs project for free
Prerequisites
The liveProject is for Java programmers familiar with the basics of REST APIs. To begin this project you will need to be familiar with the following:
TOOLS
- Basics of Java, min. version 11 (classes, interfaces)
- Basics of Spring MVC (POST of GET requests)
- Basics of JDBC or Spring Data (insert or retrieve data from a database)
- Java IDEs such as Eclipse or IntelliJ IDEA
- Testing APIs via Postman
- Gradle, min. version 6.4.1
- Docker, min. version 17.03, and Docker Compose, min. version 1.22.0
- Git
- Basic debugging
- Code reviews
- Code refactoring
- Unit testing
- Security testing
features
- Self-paced
- You choose the schedule and decide how much time to invest as you build your project.
- Project roadmap
- Each project is divided into several achievable steps.
- Get Help
- While within the liveProject platform, get help from other participants and our expert mentors.
- Compare with others
- For each step, compare your deliverable to the solutions by the author and other participants.
- book resources
- Get full access to select books for 90 days. Permanent access to excerpts from Manning products are also included, as well as references to other resources.
